Tag Archives: Lesson

You may not be Jennifer Lawrence or Kate Upton, or even know or care who those women are, but you should be aware of the latest “scandal” that included risqué photos of the pop stars and the good old cloud.

Over the Labor Day weekend, it was reported that nude photos of the high-profile celebrities were leaked online via the web forum, 4chan, by a “hacker” who was able to get into the celebrities’ personal phone storage and lift the photos from their cloud accounts. The hacker reportedly was looking to make some cash off the photos (although the identity of the hacker hasn’t been uncovered) and had made an announcement that there were more photos that would stay under wraps if he/she received PayPal donations.

Although some of these photos were said to be forgeries, representatives for Jennifer Lawrence and Mary E. Winstead confirmed their authenticity.

With the dust starting to settle after the dreadful hacking and exposure of various female celebrities’ nude selfies, we’re finally in a position to consider the implications of what happened.

Most of this information isn’t new as such – the episode brought to the fore circumstances and activities that have been around for a while – but there are lessons in there, and it’s time we gave them serious consideration.

1. Some cloud security is unacceptably poor

[company]Apple[/company] uses two-factor authentication (2FA) as a protection for Apple ID management and iTunes and App Store purchases, but not for iCloud backups, which is where many of these pictures came from. Even where the company does employ 2FA, it doesn’t exactly make it easy. What’s more, as Nik Cubrilovic wrote in his excellent in-depth analysis of underground marketplaces and forums, Apple makes it far too easy to execute so-called brute force…